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LISTING OF CLAIMS: 

This listing of claims is provided for the Examiner's convenience: 

1-20 (Cancelled). 

21 . (Previously presented) A method for providing access to an online service, the method 
comprising: 

receiving a first digital certificate from a user, the first digital certificate attesting to at 
least one attribute of the user; 

determining, based at least in part on the first digital certificate, whether the user is 

authorized to access the online service; and 

if the user is determined by said determining step to be authorized to access the online 

service, issuing a second digital certificate to the user, the second digital certificate attesting to 

the user's permission to access the online service. 

22. (Previously Presented) A method as in claim 21 , further comprising: 
receiving a request from the user to access the online service; 

checking the second digital certificate to determine whether the user has permission to 
access the online service; and 

allowing the user to access the online service if it is determined that the user has 
permission to access the online service. 

23. (Previously Presented) A method as in claim 22, in which said checking step is 
performed in a protected processing environment at a local computer system from which the 
user made the request to access the online service. 
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24. (Previously Presented) A method as in claim 21 , further comprising: 
sending software for using the online service to the user; 

sending a digital signature for determining the integrity of the software to the user. 

25. (Previously Presented) A method as in claim 24, in which the digital signature is bound, 
at least in part, to the identity of the online service, 

26. (Previously Presented) A method as in claim 21 , further comprising: 

providing a third digital certificate to the user, the third digital certificate attesting to the identify 
of the online service, the third digital certificate being issued by a certifying authority. 

27. (Previously Presented) A method as in claim 26, in which the first digital certificate is 
issued by the certifying authority. 

28. (Previously Presented) A method as in claim 21 , in which the first digital certificate 
includes an indication of the user's age. 

29. (Previously Presented) A method as in claim 21 , in which the first digital certificate 
identifies a party responsible for paying for the user's access to online services. 

30. (Previously Presented) A method as in claim 29, further comprising: 

sending a request for payment to the party responsible for paying for the user's access 
to online services; and 

receiving an indication that payment has been received. 
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31 . (Previously Presented) A method as in claim 30, in which the steps of (a) sending a 
request for payment and (b) receiving an indication that payment has been received are 
performed prior to performing the step of sending the second digital certificate to the user. 

32. (Previously Presented) A method as in claim 21 , in which the second digital certificate 
attests to the user's permission to access the online service until a specified date. 

33. (Previously Presented) A method as in claim 21 , in which the at least one attribute 
comprises an indication of the amount of purchases the user is allowed to make in a given time 
period. 

34. (Previously Presented) A method as in claim 21 , in which the online service comprises 
an interactive online game. 

35. (Previously Presented) A method as in claim 34, further comprising: 
sending software for playing the online game to the user in a secure container. 

36. (Previously Presented) A method as in claim 21 , in which the online service comprises a 
subscription. 

37. (Previously Presented) A method as in claim 36, in which the second digital certificate 
includes an expiration date of the subscription. 

38. (Previously Presented) A method as in claim 21 , further comprising: 
collecting payment information from the user. 



PATENT 

Attorney Docket No. 7451 .0005-04000 
Intertrust Ref. No.: IT-7.2.1 (US) 

39. (Previously Presented) A method as in claim 38, further comprising: 
sending the payment information to a financialciearinghouse. 

40. (Previously Presented) A method as in claim 21 , further comprising: 
collecting information relating to the user's use of the online service. 

41 . (Previously Presented) A method as in claim 40, further comprising: 

sending the information relating to the user's use of the online service to a usage clearinghouse. 

42. (Withdrawn) A method for accessing an online service, the method comprising: 
sending a first request to access an online service from a user's site to an online service 

provider's website, the first request including a first digital certificate attesting to at least one 
attribute of the user; 

receiving a request for payment information; 

sending the payment information to the online service provider's website, or a website 
associated therewith; and 

receiving a second digital certificate, the second digital certificate indicating that the user 
is authorized to access the online service; 
accessing the online service. 

43. (Withdrawn) A method as in claim 42, further comprising: 
sending a second request to access the online service; 

checking the second digital certificate to determine whether the user has permission to 
access the online service; and 

allowing the user to access the online service if it is determined that the user has 
permission to access the online service. 

-5- 



PATENT 

Attorney Docket No. 7451.0005-04000 
intertrust Ref. No.: IT-7.2.1 (US) 

44. (Withdrawn) A method as in claim 43, in which said checking step is performed in a 
protected processing environment at the user's computer system. 

45. (Withdrawn) A method as in claim 42, further comprising: 
receiving software for using the online service; 

receiving a digital signature for determining the integrity of the software. 

46. (Withdrawn) A method as in claim 45, in which the digital signature is bound, at least in 
part, to the identity of the online service. 

47. (Withdrawn) A method as in claim 42, further comprising: 

receiving a third digital certificate, the third digital certificate attesting to the identify of the 
online service, the third digital certificate being issued by a certifying authority. 

48. (Withdrawn) A method as in claim 47, in which the first digital certificate is issued by the 
certifying authority. 

49. (Withdrawn) A method as in claim 42, in which the first digital certificate includes an 
indication of the user's age. 

50. (Withdrawn) A method as in claim 42, in which the first digital certificate identifies a party 
responsible for paying for the user's access to online services. 

51 . (Withdrawn) A method as in claim 42, in which the second digital certificate attests to the 
user's permission to access the online service until a specified date. 
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52. (Withdrawn) A method as in claim 42, in which the at least one attribute comprises an 
indication of the amount of purchases the user is allowed to make in a given time period. 

53. (Withdrawn) A method as in claim 42, in which the online service comprises an 
interactive online game. 

54. (Withdrawn) A method as in claim 53, further comprising: 

receiving a secure container from the online service provider's website, the secure 
container containing software for playing the online game. 

55. (Withdrawn) A method as in claim 42, in which the online service comprises a 
subscription. 

56. (Withdrawn) A method as in claim 55, in which the second digital certificate includes an 
expiration date of the subscription. 

57. (Withdrawn) A method as in claim 42, further comprising: 

sending information relating to the user's use of the online service to a remote site. 

58. (Withdrawn) A method as in claim 57, in which the remote site comprises a usage 
clearinghouse. 

59. (Withdrawn) A method as in claim 57, in which the remote site comprises the online 
service provider's website. 
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60. (Canceled) 

61 . (Canceled) 

62. (Withdrawn) A computer program product stored on a computer-readable medium, the 
computer program product including instructions that, when executed by a computer system, 
cause the computer system to perform acts comprising: 

sending a first request to access an online service to an online service provider's 
website, the first request including a first digital certificate attesting to at least one attribute of a 
user; 

receiving a request for payment information; 
sending the payment information to the online service provider's website, or a website 
associated therewith; 

receiving a second digital certificate, the second digital certificate indicating that the user 
is authorized to access the online service; and 
accessing the online service. 

63. (Withdrawn) A computer program product as in claim 62, the computer program product 
further including instructions that, when executed by a computer system, cause the computer 
system to perform acts comprising: 

sending a second request to access the online service; 

checking the second digital certificate to determine whether the user has permission to 
access the online service; and 

allowing the user to access the online service if it is determined that the user has 
permission to access the online service. 
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